# Constellation Pod IP range to expose via VPN. The default is for GCP.
podCIDR: "10.10.0.0/16"

# Constellation Service IPs to expose via VPN. The default is for GCP.
serviceCIDR: "10.96.0.0/12"

# on-prem IP ranges to expose to Constellation. Must contain at least one CIDR.
peerCIDRs: []

# IPSec configuration
ipsec:
  # pre-shared key used for authentication
  psk: ""
  # Address of the peer's gateway router.
  peer: ""

# required tools:  sh    nsenter    ip       pidof  jq kubectl    charon
image: "nixery.dev/shell/util-linux/iproute2/procps/jq/kubernetes/strongswan"